News: Employees see blame going to IT, not those responsible for breach.
One in four European C-level execs have knowingly exposed their firm to a potential cyber security threat, according to a new survey by Palo Alto Networks.
In the survey of business decision makers, 35% of UK respondents said they do not know what fully defines an online security risk, the highest in the survey. This was over twice the number of French respondents, only 17% of whom said the same thing, the lowest in the survey.
The survey found that 18% of management-level staff do not feel they have a personal role to play in their firm’s cyber security policies, with those in the UK are the least likely to feel personally involved in protecting their employer against cyber security risks.
This bypassing of cyber security policy is born out of frustration at not being able to use tools and sites that would enable better job performance, with 17% saying they feel this way.
If a successful attack were to happen 21% think that the employee actually responsible for the breach would be held accountable, while 40% believe that IT would shoulder the blame.
Greg Day, vice president and regional chief security officer, EMEA, at Palo Alto Networks said: "The findings suggest senior employees are over-confident and willing to take chances because of a belief that ‘it won’t happen to them.’ With changing regulations, visibility of what is really happening in Europe will shift in the coming years, and risk-taking will fall.
"The impact of employees’ actions may not be immediately visible as attacks often happen later – meaning organisations may struggle to identify their source."
These results are despite 96% of respondents acknowledging that cyber security is a priority for their firm, and that European organisations are predicted to spend $35.53bn on cyber security by 2019.